package com.lxw.report.meta.config.shiro;


import com.lxw.report.meta.entity.User;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.Set;

/**
 * 作用：认证授权<br>
 * 说明：(无)
 */
@Component
public class UserRealm extends AuthorizingRealm {

//    @Autowired
//    private IUserService userService;

    /**
     * 授权(验证权限时调用)
     *
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        //null usernames are invalid
        if (principals == null) {
            throw new AuthorizationException("用户名不得为空");
        }
        User user = (User) getAvailablePrincipal(principals);
        Long userId = user.getId();

        //todo 后期赋予真实用户角色与权限
        Set<String> roles = new HashSet<>();
        Set<String> permissions = new HashSet<>();

        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //添加角色
        simpleAuthorizationInfo.setRoles(roles);
        //添加权限
        simpleAuthorizationInfo.setStringPermissions(permissions);

        return simpleAuthorizationInfo;
    }

    /**
     * 认证(登录时调用)
     *
     * @param authToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authToken;
        //查询用户信息
//        User user = userService.getByUsername(token.getUsername());
        //账号不存在
//        if (user == null) {
//            throw new UnknownAccountException("账号或密码不正确");
//        }
        // 账号状态判断
//        if (UserStatusEnum.INACTIVE.getCode().equals(user.getStatus())) {
//            throw new LockedAccountException("账号已停用，请联系管理员");
//        }

        //账号qpp登录权限判断
        //非管理员则判断是否有app登录权限
//        if(!UserIdentityEnum.isAdmin(user.getIdentity())){
//
//        }

        //密码判断
//        String password = CryptionKit.genUserPwd(new String((char[]) token.getCredentials()));
//        if (!user.getPassword().equals(password)) {
//            // 密码错误
//            throw new IncorrectCredentialsException("账号或密码不正确");
//        }
//        return new SimpleAuthenticationInfo(user, user.getPassword(), getName());

        return new SimpleAuthenticationInfo(null, "", getName());
    }

    @Override
    public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
        HashedCredentialsMatcher shaCredentialsMatcher = new HashedCredentialsMatcher();
        shaCredentialsMatcher.setHashAlgorithmName("MD5");
        shaCredentialsMatcher.setHashIterations(1);
        super.setCredentialsMatcher(shaCredentialsMatcher);
    }
}
